/bicepgoat

BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository. BicepGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Primary LanguageBicepApache License 2.0Apache-2.0

BicepGoat - Vulnerable Bicep and ARM Infrastructure

Maintained by Bridgecrew.io slack-community

BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository. BicepGoat

BicepGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Introduction

BicepGoat was built to enable DevSecOps design and implement a sustainable misconfiguration prevention strategy. It can be used to test a policy-as-code framework like Bridgecrew & Checkov, inline-linters, pre-commit hooks or other code scanning methods.

BicepGoat follows the tradition of existing *Goat projects that provide a baseline training ground to practice implementing secure development best practices for cloud infrastructure.

Important notes

Where to get help: the Bridgecrew Community Slack

Before you proceed please take a note of these warning:

⚠️ BicepGoat creates intentionally vulnerable Azure resources into your account. DO NOT deploy BicepGoat in a production environment or alongside any sensitive Azure resources.

Bridgecrew's IaC herd of goats

  • BicepGoat - Vulnerable by design Bicep templates
  • CDKGoat - Vulnerable by design CDK application
  • CfnGoat - Vulnerable by design Cloudformation template
  • TerraGoat - Vulnerable by design Terraform stack
  • kustomizegoat - Vulnerable by design kustomize deployment

Contributing

Contribution is welcomed!

We would love to hear about more ideas on how to find vulnerable infrastructure-as-code design patterns.

Support

Bridgecrew builds and maintains BicepGoat to encourage the adoption of policy-as-code.

If you need direct support you can contact us at info@bridgecrew.io.